Privacy Policy

1. Introduction

Mailora, LLC ("Mailora", "we", "us", or "our") provides email deliverability testing, reputation monitoring, predictive analytics, multivariate content testing, and related services via usemailora.com and related subdomains (the "Services"). Mailora is a Wyoming limited liability company registered at:

This Privacy Policy explains what personal data we collect, how we use it, how we share it, your rights, and how to contact us. By using our Services you accept the practices described in this Privacy Policy.

2. Scope

This policy applies to personal data collected through our website, platform, APIs, integrations, and customer support channels. For customers and partners who require additional contractual assurances, a Data Processing Agreement (DPA) is available and may be executed separately.

3. Definitions

• "Personal data" means information relating to an identified or identifiable natural person.
• "Controller" / "Processor" terms are used as required by data protection laws and may be specified further in a DPA.

4. Information We Collect

A. Information you provide directly

• Account & contact details (name, email, company, billing address, phone).
• Credentials/configuration for integrations (SMTP/API credentials, domain names) --- you should only provide credentials you own or are authorized to provide.
• Message data and templates you submit for testing (see Section 7).
• Communications with support, surveys, and feedback.

B. Information we collect automatically

• Technical data: IP address, device/browser type, operating system, and session identifiers.
• Usage data: pages visited, features used, timestamps, and logs.
• Cookies and tracking data (see Cookie Policy).

C. Diagnostic / deliverability data

• Message headers, authentication headers (SPF/DKIM/DMARC), placement results (Inbox/Spam/Blocked), bounce codes, link domains, attachment metadata, and other metadata necessary for reporting and diagnostics.

D. Payment and billing data

• Billing contact, invoicing information, payment processor transaction IDs. We do not store full card numbers on our servers when third-party processors are used.

5. How We Use Your Information

We use personal data to:

• Provide and operate the Services (send tests, run diagnostics, generate reports).
• Authenticate accounts and enable integrations.
• Process payments, manage subscriptions, and prevent fraud.
• Communicate account notices, security alerts, and product updates.
• Improve and develop product features, including aggregated, anonymized analytics and predictive models.
• Comply with legal obligations and enforce our Terms.

We rely on contractual necessity (performance of a contract), legitimate interests (service operation, security, fraud prevention), consent (where applicable, e.g., marketing communications and optional cookies), and legal obligations as lawful bases for processing.

6. Message Content: Full vs Excerpts (Data Minimization)

To minimize risk and comply with data-protection principles:

• Default behavior: Mailora stores message headers and limited excerpts (for example: subject line, key headers, first 500 characters of the body, link domains, and attachment metadata) needed for diagnostics and reporting. These excerpts are sufficient for the majority of deliverability analyses and spam-trigger detection.
• Optional full-content storage (opt-in): Customers may opt-in in writing to allow Mailora to store full message bodies and attachments for a limited period to enable advanced features. If enabled, full content will be stored only for the retention period specified in Section 10, encrypted at rest, and accessible only to authorized personnel under strict procedures. Customers must confirm they have the right to provide such content and that they will not submit content that infringes third-party rights or contains unauthorized personal data.
• Deletion & access: Customers can request deletion of message content or excerpts at any time. Mailora will honor valid deletion requests in accordance with applicable law and the retention rules in Section 10.

7. Sharing and Disclosure

We may share personal data:

• With vendors and subprocessors who perform services for us (hosting, analytics, email delivery, payment processing). Subprocessors are contractually required to protect data. Current primary technology partners include: Cloudflare, Hetzner, Google Analytics, and Stripe.
• With law enforcement or regulators when required by law or to protect legal rights.
• In connection with business transfers (e.g., merger or sale), where notice will be provided as required.
• With your consent.

Mailora does not sell personal data.

8. International Data Transfers and Safeguards

Mailora is based in the United States. Data we collect may be transferred and processed in the United States or other jurisdictions. For transfers from the EEA/UK, Mailora implements appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) and, where applicable, the UK Addendum. Mailora maintains documented technical and organizational measures (encryption, access controls, logging) and performs Transfer Impact Assessments as appropriate. Customers may request copies of SCCs and related documentation at contact@usemailora.com.

9. Security

We maintain reasonable technical and organizational measures to protect personal data, including encryption in transit (TLS), encryption at rest for sensitive data, role-based access controls, routine backups, and logging. We conduct security reviews and will respond to security incidents consistent with applicable law. Note: we are continually improving our security posture; any specific certifications (e.g., SOC 2, ISO 27001) will be listed on a dedicated Security page when obtained.

10. Data Retention

Mailora retains data only as long as necessary. Typical retention periods (subject to legal or contractual obligations):

• Account & contact information: active + 3 years after deletion.
• Authentication credentials (password hashes): until deletion (stored hashed).
• Billing & financial records: 7 years.
• Deliverability test results and reports: 12 months (standard accounts); up to 36 months for paid/enterprise accounts if agreed in writing.
• Message full-content (if opt-in): up to 30 days for standard accounts; up to 90 days for enterprise accounts.
• Message excerpts and headers: retained per the deliverability result retention above.
• Operational/security logs: 6-12 months.
• Backups: rolling backups for up to 90 days; archived backups up to 1 year if required.

If required by law or litigation hold, Mailora may retain specific data longer; in such cases we will notify customers as required.

11. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

• Access and receive a copy of personal data.
• Correct inaccurate or incomplete data.
• Request deletion or restriction of processing.
• Object to processing that is based on legitimate interests.
• Withdraw consent where processing is based on consent.
• Data portability requests.

To exercise rights, contact Mailora at contact@usemailora.com. We will respond in accordance with applicable law. For EU/EEA/UK and California residents, additional procedural steps and identity verification may be required.

12. Cookies and Tracking

Mailora uses cookies and similar technologies. See our Cookie Policy for details. You can manage cookie preferences via the cookie banner and by adjusting your browser settings. Disabling cookies may limit functionality.

13. Children

Our Services are not directed at children under 18. We do not knowingly collect personal data from children.

14. Changes to This Policy

We may update this Privacy Policy. Material changes will be posted on the site with an updated "Last updated" date. Continued use constitutes acceptance.

15. Contact

For privacy requests: contact@usemailora.com